package com.sundablog.controller.backend.shiro;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.sundablog.pojo.AdminPermission;
import com.sundablog.pojo.AdminRolePermission;
import com.sundablog.pojo.AdminUser;
import com.sundablog.pojo.AdminUserRole;
import com.sundablog.service.backend.system.upms.permissions.PermissionsService;
import com.sundablog.service.backend.system.upms.role.RoleService;
import com.sundablog.service.backend.system.upms.user.UserService;
import com.sundablog.utlis.RedisUtil;

import cn.hutool.core.util.StrUtil;

/**
 * 权限控制  
 * @ClassName:  BackendRealm   
 * @Description:权限控制  
 * @author: 哒哒 
 * @date:   2018年4月2日 下午2:08:16   
 *     
 * @Copyright: 2018 www.sundablog.com Inc. All rights reserved.
 */
public class BackendRealm extends AuthorizingRealm {
	@Autowired
	private UserService userService;
	
	@Autowired
	private RoleService roleService;
	
	@Autowired
	private PermissionsService permissionsService;
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection token) {
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		AdminUser user = (AdminUser) SecurityUtils.getSubject().getPrincipal();
		String backendReaim = RedisUtil.get("backend_reaim_"+user.getUserId());
		if (StrUtil.isEmpty(backendReaim)) {
			//根据ID查询用户角色关联表
			AdminUserRole adminUserRole = userService.selectByUserId(user.getUserId());
			//根据角色查询角色权限关联表
			List<AdminRolePermission> list = roleService.selectRolePermissionByRoleId(adminUserRole.getRoleId());
			List<String> permissions = new ArrayList<>();
			for (AdminRolePermission adminRolePermission : list) {
				//根据权限id查询权限数据
				AdminPermission adminPermission = permissionsService.selectPermissionsByPermissionId(adminRolePermission.getPermissionId());
				if (!StrUtil.isEmpty(adminPermission.getPermissionValue())) {
					if (1 == adminPermission.getStatus()) {
						info.addStringPermission(adminPermission.getPermissionValue());
						permissions.add(adminPermission.getPermissionValue());
					}
					
				}
			}
			String join = StrUtil.join(",", permissions);
			RedisUtil.set("backend_reaim_"+user.getUserId(), join, RedisUtil.EXRP_HOUR);
			return info;
		} else {
			String[] split = StrUtil.split(backendReaim, ",");
			for (String string : split) {
				info.addStringPermission(string);
			}
			return info;
		}
		
		
		
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		UsernamePasswordToken passwordToken = (UsernamePasswordToken) token;
		// 获得页面输入的用户名
		String username = passwordToken.getUsername();
		// 根据用户名查询数据库中的密码
		AdminUser adminUser = userService.selectAdminUserByUserName(username);
		if (adminUser == null) {
			// 页面输入的用户名不存在
			return null;
		}
		// 简单认证信息对象
		AuthenticationInfo info = new SimpleAuthenticationInfo(adminUser, adminUser.getPassword(), this.getName());
		return info;
	}

}
